Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4040d8b7 by Salvatore Bonaccorso at 2022-04-08T22:38:24+02:00 Process three more orangehrm CVEs with itp'ed bug - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4780,11 +4780,11 @@ CVE-2022-27111 CVE-2022-27110 (OrangeHRM 4.10 is vulnerable to a Host header injection redirect via v ...) - orangehrm <itp> (bug #786622) CVE-2022-27109 (OrangeHRM 4.10 suffers from a Referer header injection redirect vulner ...) - TODO: check + - orangehrm <itp> (bug #786622) CVE-2022-27108 (OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR ...) - TODO: check + - orangehrm <itp> (bug #786622) CVE-2022-27107 (OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share Video" sectio ...) - TODO: check + - orangehrm <itp> (bug #786622) CVE-2022-27106 RESERVED CVE-2022-27105 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4040d8b7478f2f959accf867266d36fe32c02080 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4040d8b7478f2f959accf867266d36fe32c02080 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits